Cisco Talos recently discovered multiple remote code execution vulnerabilities in various Aspose APIs. Aspose provides a series of APIs for manipulating or converting a large family of document formats. These vulnerabilities exist in APIs that help process PDFs, Microsoft Word files and more. An attacker could exploit these vulnerabilities by sending a specially crafted, malicious file to the target and trick them into opening it while using the corresponding API.
Vulnerability details
Aspose Aspose.Cells LabelSst remote code execution vulnerability (TALOS-2019-0794/CVE-2019-5032)
An exploitable out-of-bounds read vulnerability exists in the LabelSst record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
Read the complete vulnerability advisory
here for additional information.
Aspose Aspose.Cells number remote code execution vulnerability (TALOS-2019-0795/CVE-2019-5033)
An exploitable out-of-bounds read vulnerability exists in the Number record parser of Aspose Aspose.Cells 19.1.0 library. A specially crafted XLS file can cause an out-of-bounds read, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.
Read the complete vulnerability advisory
here for additional information.
Aspose Aspose.Words EnumMetaInfo code execution vulnerability (TALOS-2019-0805/CVE-2019-5041)
An exploitable stack-based buffer overflow vulnerability exists in the EnumMetaInfo function of Aspose Aspose.Words library, version 18.11.0.0. A specially crafted doc file can cause a stack-based buffer overflow, resulting in remote code execution. An attacker needs to provide a malformed file to the victim to trigger this vulnerability.
Read the complete vulnerability advisory
here for additional information.
Versions tested
CVE-2019-5033 and CVE-2019-5034 affect Aspose.Cells, version 19.1.0. CVE-2019-5041 affects Aspose.Words, version 18.11.0.0.
Coverage
The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 49756, 49757, 49760, 49761, 49852, 49853